This repository has been archived by the owner on Aug 2, 2022. It is now read-only.
restrict range of error codes that contracts are allowed to emit #7274
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…erves a high range for system level errors
heifner
reviewed
May 6, 2019
| @@ -106,6 +106,12 @@ | |||
|
|
|||
| namespace eosio { namespace chain { | |||
|
|
|||
| enum class system_error_code : uint64_t { | |||
| default_system_error = 10000000000000000000ULL, | |||
There was a problem hiding this comment.
default_system_error seems like an odd name to me. Maybe reserved_system_error or lowest_reserved_system_error or system_error_range or system_error_range_begin
…'t have a more specific error code defined
heifner
approved these changes
May 6, 2019
This was referenced May 6, 2019
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Change Description
A contract is allowed to fail with a
uint64_terror code using theeosio_assert_codeintrinsic. This is an alternative to the other variants of assert intrinsics which take string error messages that allows for reductions in contract WASM size.Contracts are allowed to choose error code values and assign meaning to them specific to their contract, however they should not be allowed the full range of a
uint64_t. The values greater than or equal to 10,000,000,000,000,000,000 are reserved by the EOSIO system for its own error codes to be used in the future.This PR makes a change to the
eosio_assert_codeintrinsic implementation to disallow a contract from passing through an error code in the restricted range into the trace, thereby reserving the range to allow the system to unambiguously signal system errors via theerror_codefield of the trace.To avoid changing consensus rules, a call to
eosio_assert_codewith a restrictederror_codevalue is allowed if theconditionis true; it is still a no-op in that case. It is only when theconditionis false that the restriction on theerror_codevalue is enforced. The transaction still fails but with a different error code (system_error_code::contract_restricted_error_code) to signal that the contract calledeosio_assert_codewith a restricted error code value.Any chain exceptions that do not have a more specific error code defined will use the error code of the
generic_system_error, which is the value at the start of the range of error codes restricted for system errors.Consensus Changes
API Changes
Documentation Additions
Contracts are able to use
uint64_terror codes as an alternative (and cheaper) means of signaling error conditions as opposed to string error messages. However, EOSIO and EOSIO.CDT reserve certain ranges of theuint64_tvalue space for their own purposes. They assume that the contract develop respects the following restrictions:eosio_assert_codeto be used to fail with error code values used within this range.